Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

IBM announced its new Pinpoint Verify technology on Nov. 8, providing organizations with a model for combating online fraud with a digital identity trust approach.

Alongside the new technology release, IBM sponsored a report from Javelin, titled "Preserving Trust in Digital Services," that provides context for why digital identity trust is needed. Among the primary findings of the 27-page report is that financial institutions reported that just 50 percent of consumers believe mobile banking is secure.

"Many popular methods, such as user name and password or knowledge-based authentication, can be both ineffective at stopping malicious users and cause customer frustration," Jason Keenaghan, director of IAM and fraud at IBM Security, told eWEEK. "However, we were most surprised to see these organizations reporting on their actual authentication failure rates."

Further reading

Respondents to the Javelin survey indicated that more than one in five (22.8 percent) of their users are failing authentication. Keenaghan said that for a significant portion of respondents (13 percent), that number goes as high as over 40 percent failure rates.

"These numbers clearly indicate that users must be highly frustrated with the authentication process, even more than we had expected," he said.

Pinpoint Verify

The Trusteer Pinpoint suite provides multiple security and fraud protection capabilities that have been expanding in recent years. Keenaghan noted that Pinpoint Verify is an entirely new product module within the Trusteer Pinpoint suite, to enable digital identity trust.

Keenaghan said the areas of identity and online fraud detection are coming together to serve the new market needs for digital identity trust. Similar to the other products in the Pinpoint suite, Pinpoint Verify is a cloud, microservices-based offering for easy deployment, he added. Pinpoint Verify also has a publicly available mobile app for iOS and Android, as well as an SDK available on GitHub to integrate authentication into custom mobile apps.

"The integration is done once, and future changes to leverage the latest authentication factors can be done seamlessly without changing the underlying application, reducing time to market and speeding the development process," Keenaghan said. "The back-end service itself is delivered from the cloud, so there is nothing to install or manage in the data center."

Pinpoint Verify joins other Pinpoint modules, including Assure and Detect, to help manage digital identity trust. Keenaghan said that the Pinpoint Assure module is used to assess the risk of new or anonymous users, building or establishing initial digital identity trust. Pinpoint Detect helps organizations continuously assess the digital identities of known or enrolled users, sustaining that digital identity trust. Finally, if one of these two (Detect or Assure) flags a user as high risk, Pinpoint Verify allows organizations to confirm trust using two-factor strong authentication, he said.

"Pinpoint Verify works with Pinpoint Assure by providing step-up authentication for high-risk users only," Keenaghan said. "It allows the user to confirm the trusted relationship they are building with your organization using multiple different flavors of two-factor authentication: one-time passwords, mobile push, biometrics or other flexible options."

Looking forward, Keenaghan said IBM will continue to invest research and development resources into new and innovative ways to detect and stop the latest threats.

"We are heavily invested in AI and machine learning. Now that might seem just like buzzwords, but for us it is not," he said. "Our researchers are constantly enhancing our AI models to implement new use cases like continuous authentication with behavioral biometrics, bot detection and privacy-preserving client-side analytics."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.